6.5
CVE-2026-24324
- EPSS 0.02%
- Veröffentlicht 10.02.2026 03:04:21
- Zuletzt bearbeitet 17.02.2026 15:15:09
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
Denial of service (DOS) vulnerability in SAP BusinessObjects Business Intelligence Platform (AdminTools)
SAP BusinessObjects Business Intelligence Platform (AdminTools) allows an authenticated attacker with user privileges to execute a specific query in AdminTools that could cause the Content Management Server (CMS) to crash, rendering the CMS partially or completely unavailable and resulting in the denial of service of the Content Management Server (CMS). Successful exploitation impacts system availability, while confidentiality and integrity remain unaffected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Businessobjects Business Intelligence Platform Version430 SwEditionenterprise
SAP ≫ Businessobjects Business Intelligence Platform Version2025 SwEditionenterprise
SAP ≫ Businessobjects Business Intelligence Platform Version2027 SwEditionenterprise
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.058 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-405 Asymmetric Resource Consumption (Amplification)
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."